Marketo Authentication Service

Last update: 2024-01-25
  • Created for:
  • Experienced

AEM Forms 6.5

Marketo’s REST APIs are authenticated with 2-legged OAuth 2.0. We need to create custom authentication to authenticate against Marketo. This custom authentication is typically written inside an OSGI bundle. The following code shows the custom authenticator that was used as part of this tutorial.

Custom Authentication Service

The following code creates the AuthenticationDetails object which has the access_token needed for authentication against Marketo

package com.marketoandforms.core;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Reference;

import com.adobe.aemfd.dermis.authentication.api.IAuthentication;
import com.adobe.aemfd.dermis.authentication.exception.AuthenticationException;
import com.adobe.aemfd.dermis.authentication.model.AuthenticationDetails;
import com.adobe.aemfd.dermis.authentication.model.Configuration;
@Component(service={IAuthentication.class}, immediate=true)
public class MarketoAuthenticationService implements IAuthentication {
MarketoService marketoService;
    public AuthenticationDetails getAuthDetails(Configuration arg0) throws AuthenticationException
        AuthenticationDetails auth = new AuthenticationDetails();
        auth.addHttpHeader("Cache-Control", "no-cache");
        auth.addHttpHeader("Authorization", "Bearer " + marketoService.getAccessToken());
        return auth

    public String getAuthenticationType() {
        // TODO Auto-generated method stub
        return "AemForms With Marketo";

The MarketoAuthenticationService implements IAuthentication interface. This interface is part of the AEM Forms Client SDK. The service gets the access token and inserts the token into the HttpHeader of the AuthenticationDetails. Once the HttpHeaders of the AuthenticationDetails object is populated the AuthenticationDetails object is returned to the Dermis layer of Form Data Model.

Please pay attention to the string returned by the method getAuthenticationType. This string is used when you are configuring your data source.

Get Access Token

A simple interface is defined with one method that returns the access_token. The code for the class that implements this interface is listed further down the page.

package com.marketoandforms.core;
public interface MarketoService {
    String getAccessToken();

The following code is of the service which returns the access_token that is to be used in making the REST API calls. The code in this service access the configuration parameters needed to make the GET call. As you can see we pass the client_id,client_secret in the GET URL to generate the access_token. This access_token is then returned to the calling application.

package com.marketoandforms.core.impl;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.ParseException;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.util.EntityUtils;
import org.json.JSONException;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Reference;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import com.marketoandforms.core.*;
@Component(service=MarketoService.class,immediate = true)
public class MarketoServiceImpl implements MarketoService {
    private final Logger log = LoggerFactory.getLogger(getClass());
MarketoConfigurationService config;
    public String getAccessToken()
        String AUTH_URL = config.getAUTH_URL();
        String CLIENT_ID = config.getCLIENT_ID();
        String CLIENT_SECRET = config.getCLIENT_SECRET();
        String AUTH_PATH = config.getAUTH_PATH();
        HttpClient httpClient = HttpClientBuilder.create().build();
        String getURL = AUTH_URL+AUTH_PATH+"&client_id="+CLIENT_ID+"&client_secret="+CLIENT_SECRET;
        log.debug("The url to get the access token is "+getURL);
        HttpGet httpGet = new HttpGet(getURL);
        try {
            HttpResponse httpResponse = httpClient.execute(httpGet);
            HttpEntity httpEntity = httpResponse.getEntity();
            org.json.JSONObject responseJSON = new org.json.JSONObject(EntityUtils.toString(httpEntity))
            return (String)responseJSON.get("access_token");
        } catch (ClientProtocolException e) {
            // TODO Auto-generated catch block
        } catch (IOException e) {
            // TODO Auto-generated catch block
        } catch (ParseException e) {
            // TODO Auto-generated catch block
        } catch (JSONException e) {
            // TODO Auto-generated catch block
        return null;

The screen-shot below shows the configuration properties that need to be set. These configuration properties are read in the code listed above to get the access_token



The following code was used to create the configuration properties. These properties are specific to your Marketo instance

package com.marketoandforms.core;

import org.osgi.service.metatype.annotations.AttributeDefinition;
import org.osgi.service.metatype.annotations.ObjectClassDefinition;

@ObjectClassDefinition(name="Marketo Credentials Service Configuration", description = "Connect Form With Marketo")
public @interface MarketoConfiguration {
     @AttributeDefinition(name="Identity Endpoint", description="URL of Marketo Identity Endpoint")
     String identityEndpoint() default "";
      @AttributeDefinition(name="Authentication path", description="Marketo authentication path")
      String authPath() default "";
      @AttributeDefinition(name="Client ID", description="Client ID")
      String clientID() default "";
      @AttributeDefinition(name="Client Secret", description="Client Secret")
      String clientSecret() default "";

The following code reads the configuration properties and returns the same via the getter methods

package com.marketoandforms.core;

import org.osgi.service.component.annotations.Activate;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.metatype.annotations.Designate;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@Component(immediate=true, service={MarketoConfigurationService.class})
public class MarketoConfigurationService {
    private final Logger log = LoggerFactory.getLogger(getClass());
    private MarketoConfiguration config;
    private String AUTH_URL;
    private String  AUTH_PATH;
    private String CLIENT_ID ;
    private String CLIENT_SECRET;
      protected final void activate(MarketoConfiguration config) {
        System.out.println("####In my marketo activating auth service");
        AUTH_URL = config.identityEndpoint();
        AUTH_PATH = config.authPath();
        CLIENT_ID = config.clientID();
        CLIENT_SECRET = config.clientSecret();"clientID:" + CLIENT_ID);
        System.out.println("The client id is "+CLIENT_ID+"AUTH PATH"+AUTH_PATH);
    public String getAUTH_URL() {
        return AUTH_URL;
   public String getAUTH_PATH() {
        return AUTH_PATH;
    public String getCLIENT_ID() {
        return CLIENT_ID;

    public String getCLIENT_SECRET() {
        return CLIENT_SECRET;
  1. Build and deploy the bundle onto your AEM server.
  2. Point your browser to configMgr and search for “Marketo Credentials Service Configuration”
  3. Specify the appropriate properties specific to your Marketo instance

Next Steps

Create RESTful service based data source

On this page